Here's Why You Shouldn't Use iPhone Mirroring on a Corporate Mac

by

Apple's new iPhone Mirroring feature in macOS Sequoia might seem like a convenient way to access your phone from your work computer, but security firm Sevco has uncovered a significant privacy risk that should make employees think twice before enabling this feature on company-owned Macs, at least for now.

macos sequoia macbook air iphone mirroring app icon in dock
According to a new blog post by Sevco, the core issue lies in how iPhone Mirroring interacts with macOS's file system and metadata. When activated, the feature creates "app stubs" for iOS applications in a specific directory on the Mac:

/Users//Library/Daemon Containers//Data/Library/Caches/

These app stubs contain metadata about the iOS apps, including icons, application names, dates, versions, and file descriptions. While they don't include the full executable code, they provide enough information for macOS to treat them as installed applications.

The problem arises because many enterprise security and IT management tools routinely scan Macs for installed software. These tools often use macOS's built-in metadata system, which now includes these iOS app stubs. As a result, personal iPhone apps can inadvertently appear in corporate software inventories.

Sevco demonstrated this issue using the macOS command line tool mdfind, which interfaces with the Spotlight search subsystem:

mdfind "kMDItemContentTypeTree == com.apple.application" | grep Daemon

When executed in a Terminal window that has been granted full disk access without setting up iPhone Mirroring, the command returns a normal list of macOS applications. But when executed in that same Terminal window after setting up iPhone Mirroring, it also returns personal iOS applications and metadata.

For employees, this means that apps they use privately could become visible to their employer's IT department without their knowledge or consent. This could potentially reveal sensitive personal information, such as dating apps, health-related apps, or VPNs used in countries with restricted internet access.

macos sequoia iphone mirroring

Sevco has alerted Apple to this privacy concern, and the company is reportedly working on a fix. However, until a patch is released and widely implemented, the risks remain. For now, employees should avoid using iPhone Mirroring on work Macs. Companies should also be aware of this potential data liability and consider temporarily disabling the feature on corporate devices if possible.

Related Roundup: macOS Sequoia
Tag: macOS Security
Related Forum: macOS Sequoia

Popular Stories

Generic iOS 18

Apple Announces iOS 18.2 Launching Today With These New Features

Wednesday December 11, 2024 5:23 am PST by
Apple has announced that iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2 will be released today following more than six weeks of beta testing. For the iPhone 15 Pro and iPhone 16 models, the update introduces additional Apple Intelligence features, including Genmoji for creating custom emoji, Image Playground and Image Wand for generating images, and ChatGPT integration for Siri. There is also ...
Read Full Article57 comments
Generic iOS 18

Apple Seeds Second Release Candidate Versions of iOS 18.2 and More With Genmoji, Image Playground and ChatGPT Integration

Monday December 9, 2024 10:06 am PST by
Apple today seeded the second release candidate versions of upcoming iOS 18.2, iPadOS 18.2, and macOS 15.2 updates to developers and public beta testers for testing purposes, a week after releasing the first RCs. The first iOS 18.2 RC had a build number of 22C150, while the second RC's build number is 22C151. Release candidates represent the final version of beta software that's expected to see a ...
Read Full Article93 comments
iPhone SE 4 Single Camera Thumb 3

iPhone SE 4 Said to Feature 48MP Rear Lens, 12MP TrueDepth Camera

Monday December 9, 2024 4:48 am PST by
Apple's forthcoming iPhone SE 4 will feature a single 48-megapixel rear camera and a 12-megapixel TrueDepth camera on the front, according to details revealed in a new Korean supply chain report. ET News reports that Korea-based LG Innotek is the main supplier of the front and rear camera modules for the more budget-friendly ~$400 device, which is expected to launch in the first quarter of...
Read Full Article133 comments
Apple MacBook Pro M4 hero

MacBook Pros With OLED Displays Won't Have a Notch, Roadmap Shows

Monday December 9, 2024 7:36 am PST by
Apple plans to remove the notch from the MacBook Pro in a few years from now, according to a roadmap shared by research firm Omdia. The roadmap shows that 14-inch and 16-inch MacBook Pro models released in 2026 will have a hole-punch camera at the top of the display, instead of a notch. It is unclear if there would simply be a pinhole in the display, or if Apple would expand the iPhone's...
Read Full Article116 comments
vipps nfc tap to pay iphone

World's First Apple Pay Alternative for iPhone Launches in Norway

Monday December 9, 2024 1:28 am PST by
Norwegian payment service Vipps has become the world's first company to launch a competing tap-to-pay solution to Apple Pay on iPhone, following Apple's agreement with European regulators to open up its NFC technology to third parties. Starting December 9, Vipps users in Norway can make contactless payments in stores using their iPhones. The service initially supports customers of SpareBank...
Read Full Article179 comments
New Things Your iPhone Can Do in iOS 18

20 New Things Your iPhone Can Do in iOS 18.2

Friday December 6, 2024 4:42 am PST by
Apple is set to release iOS 18.2 in the second week of December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls...
Read Full Article28 comments
Apple Watch Series 10 lineup 240909 feature

Apple Watch Could Get Blood Pressure Monitoring in 2025

Tuesday December 10, 2024 11:51 am PST by
Apple is ramping up work on a blood pressure monitoring feature for the Apple Watch and it could be ready as soon as 2025, reports Bloomberg's Mark Gurman. Blood pressure monitoring is a health addition that Apple has been working on for the last several years, and based on rumors, Apple wanted to debut it in 2024. The feature would not provide exact systolic and diastolic blood pressure...
Read Full Article68 comments
macOS Sequoia Night Feature

Apple Releases macOS Sequoia 15.2 With New Apple Intelligence Features

Wednesday December 11, 2024 10:02 am PST by
Apple today released macOS Sequoia 15.2, the second update to the macOS Sequoia operating system that was released in September. macOS Sequoia 15.2 comes over a month after the release of macOS Sequoia 15.1. Mac users can download the ‌macOS Sequoia‌ update through the Software Update section of System Settings. macOS Sequoia 15.2 adds Image Playground, an app that lets you create...
Read Full Article137 comments

Top Rated Comments

Line_Noise Avatar
Line_Noise
9 weeks ago
More pointedly, don’t use your personal Apple ID on a corporate Mac. Because that’s a requirement for enabling iPhone Mirroring.
Score: 25 Votes (Like | Disagree)
00001000bit Avatar
00001000bit
9 weeks ago
I imagine employers also do not want this.

I use the personal (free) license for Fusion360 and have it on my phone. If that appears on a corporate owned computer, is the company now liable for a commercial license? It's not like Autodesk is particularly forgiving about commercial licensing.
Score: 11 Votes (Like | Disagree)
mattopotamus Avatar
mattopotamus
9 weeks ago
It is times like this I am happy I work for a small business and I am the "IT" person haha.
Score: 11 Votes (Like | Disagree)
ignatius345 Avatar
ignatius345
9 weeks ago
You can't mirror your personal iPhone mirroring onto a Mac signed into a different Apple ID.

If your work computer and your personal iPhone are signed into the same Apple ID, that Mac already has access to ALL OF YOUR STUFF -- texts, files, browsing history and even your ****ing iCloud Keychain.

There is no "security failure" here whatsoever, except on the part of any user stupid enough to set up a machine they don't own with access to all their personal information.
Score: 10 Votes (Like | Disagree)
Lyrics23 Avatar
Lyrics23
9 weeks ago

Well now we know why Apple does not release it in the EU-SSR
Uh, why? Apple’s security failure in this instance has literally nothing to do with the EU.

I suppose a company choosing to abuse the flaw might fall afoul of GDPR’s privacy protections, depending on why they’re gathering the data and what they do with it, but that has nothing to do with Apple.

Though I suppose the way you misnamed the EU shows clearly enough that you are only posting in bad-faith, without having any actual argument.
Score: 10 Votes (Like | Disagree)
B4U Avatar
B4U
9 weeks ago
And why would you use a personal Apple ID on the work laptop anyway?
Score: 9 Votes (Like | Disagree)
Read All Comments